on possible ambiguity in Key IDs [was: Re: Help with OpenPGP plugin in Mozilla Thunderbird and Claws Mail]
Robert J. Hansen
rjh at sixdemonbag.org
Wed Feb 16 05:44:00 CET 2011
On 2/15/11 11:35 PM, Daniel Kahn Gillmor wrote:
> Long-form keyIDs (of the form 0xDECAFBADDEADBEEF) are significantly
> harder to spoof, but easily within reach of a well-funded organization.
IIRC, Jon Callas says an accidental long-ID collision has occurred. I
don't recall the details. Still, the point is that collisions don't
just happen by deliberate attack.
More information about the Gnupg-users